<?php
	if(!isset($_SESSION['loggedin'])){
		//header('Location: index.php');	
	}
  echo '
  <script type="text/javascript">
    var MSG_CONFIRM_DELETE="'.$lang['DELETE_VIP_CONFIRM'].'";
  </script>';
 
    
    include_once('functions.php');
	$dispAll =true;
	$id = null;
    $srvId = null;
	$isEdit = false;
	if(isset($_POST['ins'])){
        if(hasAccess('add_vips')){
            createNewVip();
        }
    } else if(isset($_POST['add_vip_srv'])){
        if(hasAccess('edit_vips')){
            updateVip();
            $dispAll = false;
            $id = $_POST['vip_id'];
        }
    } else if(isset($_POST['upd_vip_srv']) && isset($_POST['vip_srv_id'])){
        if(hasAccess('edit_vips')){
            updateVipSrv();
            $dispAll = false;
            $id = $_POST['vip_id'];
            $srvId = $_POST['vip_srv_id'];
        }
    } else if(isset($_POST['disp']) && isset($_POST['id'])){
       $dispAll = false;
       $id = $_POST['id'];
    } else if(isset($_POST['edit']) && isset($_POST['id'])){
       $dispAll = false;
       $id = $_POST['id'];
       $isEdit =true;
    } else if(isset($_POST['del']) && isset($_POST['id'])){
        if(hasAccess('del_vips')){
            deleteVip();
        }
    } else if(isset($_POST['del_vip_srv']) && isset($_POST['vip_srv_id'])){
        if(hasAccess('edit_vips')){
            deleteVipSrv();
            $dispAll = false;
            if(isset($_POST['vip_id']))
                $id = $_POST['vip_id'];
        }
    } else if(isset($_POST['new'])){
        if(hasAccess('add_vips')){
             $dispAll = false;
        }
    }
    if(!$dispAll){
        echo '<table class="table_main half">
                <tr>
                    <td>';
        showVipDetails($id, $isEdit);
        echo '      </td>
                </tr>
            </table>
            <br /><br />';   
    }
    
    $table_name = $prefix.'_VIPS';
    $query = 'SELECT id, name FROM '.$table_name;
  
	$result = mysql_query($query);
	if(!$result) {
		$error = mysql_error();
		mysql_close();
		echo '<br/>';
		die($error);
	}
	
    if(hasAccess('add_vips')){
        echo '<form class="fill80" method="POST" action="main.php?action=vip">
            <input class="btn" type="submit" name="new" value="'.$lang['ADD_NEW_VIP'].'" />
        </form>';
    }
    if(mysql_num_rows($result)>0){
        echo '<table class="half table_main" >';
                
        while($record = mysql_fetch_array($result)){
            echo '
                <tr>
                    <th class="fill'.($id==$record['id']?' selected':'').'">'.$record['name'].'</th>
                    <td class="fill center">
                        <form class="fill small_form" name="vip_'.$record['id'].'"  id="vip_'.$record['id'].'" method="POST" action="main.php?action=vip">
                            <input type="hidden" name="id" value="'.$record['id'].'" />
                            <table class="center fill">
                                <tr>
                                <td>
                                    <input class="btn" type="submit" name="disp" value="'.$lang['B_DETAILS'].'"/>
                                </td>';
                        if (hasAccess('edit_vips')){
                            echo '  <td>
                                        <input class="btn" type="submit" name="edit" value="'.$lang['B_EDIT'].'" />
                                    </td>';
                        }  
                        if (hasAccess('del_vips')){
                            echo '  <td>
                                        <input class="btn" type="submit" name="del" value="'.$lang['B_DELETE'].'" onclick="return confirmDelete()" />
                                    </td>';
                        }   
                        echo '</tr>
                            </table>
                        </form>
                    </td>
                </tr>'; 
        }
        echo '</table>';
    }
   if($srvId){
        echo '<script type="text/javascript">
                SlideUpDown("vip_srv'.$srvId.'");
        </script>';
   }

?>